On Thu, Dec 11, 2014 at 02:25:12PM +0100, Cornelia Huck wrote:
> @@ -608,6 +631,25 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
> }
> }
> break;
> + case CCW_CMD_SET_VIRTIO_REV:
> + len = sizeof(revinfo);
> + if (ccw.count < len || (check_len && ccw.count > len)) {
> + ret = -EINVAL;
> + break;
> + }
> + if (!ccw.cda) {
> + ret = -EFAULT;
> + break;
> + }
> + cpu_physical_memory_read(ccw.cda, &revinfo, len);
> + if (dev->revision >= 0 ||
> + revinfo.revision > virtio_ccw_rev_max(dev)) {In the next patch virtio_ccw_handle_set_vq() uses big-endian memory access functions to load a struct from guest memory. Here you just copy the struct in without byteswaps. Are the byteswaps missing here? (I guess this normally runs big-endian guests on big-endian hosts so it's not noticable.) Stefan
pgplXEs9ODsoc.pgp
Description: PGP signature
